Please turn on your JavaScript for this page to function normally.
Avast
Avast breached by hackers who wanted to compromise CCleaner again

Czech security software maker Avast has suffered another malicious intrusion into their networks, but the attackers didn’t accomplish what they apparently wanted: …

Cryptojacking worm compromised over 2,000 Docker hosts

Security researchers have discovered a cryptojacking worm that propagates using containers in the Docker Engine (Community Edition) and has spread to more than 2,000 …

Researcher releases PoC rooting app that exploits recent Android zero-day

Late last month Google Project Zero researcher Maddie Stone detailed a zero-day Android privilege escalation vulnerability (CVE-2019-2215) and revealed that it is actively …

Cisco wireless
Cisco fixes serious flaws in enterprise-grade Catalyst and Aironet access points

Cisco has released another batch of security updates, the most critical of which fixes a vulnerability that could allow unauthenticated, remote attackers to gain access to …

audio
WAV files spotted delivering malicious code

Attackers have embedded crypto-mining and Metasploit code into WAV audio files to stymie threat detection solutions. “All WAV files discovered adhere to the format of a …

Adobe
Adobe splats bucketful of bugs in Acrobat and Reader

If you thought that Adobe skipped this month’s Patch Tuesday because there were no immediate vulnerabilities to fix, you were wrong: a week later the company dropped …

Windows Defender
Tamper Protection prevents malware from disabling Microsoft Defender AV

Microsoft Defender, the anti-malware component of Microsoft Windows, has been equipped with a new protective feature called Tamper Protection, which should prevent malware …

city
“Smart city” governments should also be smart about security

While the definition of “smart city” is still under debate, one thing is indisputable: the technologies used to make smart cities a reality are currently acquired …

certificate
Analysis reveals the most common causes behind mis-issued SSL/TLS certificates

We should be able to trust public key certificates, but this is the real world: mistakes and “mistakes” happen. Researchers from Indiana University Bloomington …

Imperva
Imperva explains how their recent security incident happened

In late August, Imperva suffered a security incident, resulting in the compromise of sensitive information of some of their Cloud WAF customers. On Thursday, Imperva CTO Kunal …

Microsoft NTLM
Microsoft NTLM vulnerabilities could lead to full domain compromise

Preempt researchers have discovered two vulnerabilities that may allow attackers to bypass a number of protections and mitigations against NTLM relay attacks and, in some …

lock
2FA, HTTPS and private browsing still a mystery to most Americans

Most US adults know what phishing scams are and where they occur, what browser cookies do, and that advertising is the largest source of revenue for most social media …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools